summaryrefslogtreecommitdiffstats
path: root/mm
diff options
context:
space:
mode:
authorChen Gang <gang.chen@asianux.com>2013-07-04 00:02:36 +0200
committerLinus Torvalds <torvalds@linux-foundation.org>2013-07-04 01:07:31 +0200
commit9bde916bc73255dcee3d8aded990443675daa707 (patch)
tree5f8487f28ba847ff7b7ddf1df6493ba20d555ebd /mm
parentmm/page_alloc.c: add additional checking and return value for the 'table->data' (diff)
downloadlinux-9bde916bc73255dcee3d8aded990443675daa707.tar.xz
linux-9bde916bc73255dcee3d8aded990443675daa707.zip
mm/nommu.c: add additional check for vread() just like vwrite() has done
vwrite() checks for overflow. vread() should do the same thing. Since vwrite() checks the source buffer address, vread() should check the destination buffer address. Signed-off-by: Chen Gang <gang.chen@asianux.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Michel Lespinasse <walken@google.com> Cc: Rik van Riel <riel@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'mm')
-rw-r--r--mm/nommu.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/mm/nommu.c b/mm/nommu.c
index 298884dcd6e7..1898b2fe9da5 100644
--- a/mm/nommu.c
+++ b/mm/nommu.c
@@ -282,6 +282,10 @@ EXPORT_SYMBOL(vmalloc_to_pfn);
long vread(char *buf, char *addr, unsigned long count)
{
+ /* Don't allow overflow */
+ if ((unsigned long) buf + count < count)
+ count = -(unsigned long) buf;
+
memcpy(buf, addr, count);
return count;
}